Hi everyone,
I’m a newb to yii so bear with me if i’m getting some of the lingo/implementations wrong
So what I am trying to do is restrict a specific action from all users & roles except the "admin" role.
As of now, the role filter doesnt appear to be working for me.
Below is the controller with the rules:
class UsersController extends Controller
{
public function filters() {
return array(
'accessControl'
);
}
public function accessRules() {
return array(
array(
'deny',
'users' => array('*')
),
array(
'allow',
'actions' => array('create'),
'roles' => array('admin')
),
);
}
public function actionIndex() {
$this->render('index');
}
public function actionCreate() {
echo 'Shazam!';
}
}
I am setting the role here:
class UserIdentity extends CUserIdentity
{
public function authenticate()
{
$user = User::model()->find('LOWER(username)=?',array(strtolower($this->username)));
if(!isset($user))
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if(!$user->validatePassword($this->password))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else {
$auth = Yii::app()->authManager;
if (!$auth->isAssigned($user->role->name, $user->id)){
$auth->assign($user->role->name, $user->id);
$this->setState('role',$user->role->name);
Yii::app()->authManager->save();
}
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
}
When I print the user id it is set to "admin".
Thanks for any help!